General

  • Target

    23eb2dd6c8fa5e0ba32f163977555368cdb52bb1491a5a12f97b61ea175cb450

  • Size

    433KB

  • Sample

    241104-13rm5syfkm

  • MD5

    ecfa2c662944cc66e6b40b82fe43217a

  • SHA1

    8fa94982f4be895e533b886e5d93d8f9e6b99373

  • SHA256

    23eb2dd6c8fa5e0ba32f163977555368cdb52bb1491a5a12f97b61ea175cb450

  • SHA512

    6a46e3d1baf1ccbec1278efad647e7d1f188fd5b7bb837a0baebcc195cedcaf9309f81735475704f43db259d97914c659e5bdb850e60a01ca302ad0535392c9f

  • SSDEEP

    6144:AdToZq3KGUE6ySWgZk589XDR8JuLLH2PRpm7oio4AylG8Tqpx:KTn4E6y+k58dGQX2PRpm7/o4AD8Tq/

Malware Config

Extracted

Family

redline

Botnet

asia

C2

45.9.20.240:46257

Attributes
  • auth_value

    218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
